Crypto exchange rate 'bug' videos are plaguing YouTube — it’s a scam

(Image credit: Shutterstock)

Even though Bitcoin and other cryptocurrencies have taken a turn for the worse recently, crypto investors continue to seek out tips and tricks from others online with the hope of making it big.

Cybercriminals are well aware of this which is why they frequently use all of the techniques at their disposal to scam investors. According to a new blog post from Kaspersky, a new scheme that uses YouTube videos to drive unsuspecting users to fake crypto exchanges is currently making the rounds online.

These videos explain that a “bug” in the crypto exchange Binance makes it possible for investors to take advantage of a huge discrepancy in exchange rates. Just like with traditional currencies, cryptocurrency exchange rates are determined by the market itself. However, exchange rates may vary slightly between the different platforms where cryptocurrency is traded. 

While these differences are usually quite small, a technical glitch could work out in an investor’s favor and this is exactly what the cybercriminals behind this new scam are claiming.

Building hype using YouTube comments

A screenshot of exchange rate bug videos on YouTube

(Image credit: Future)

In order to dupe users into falling for their latest scam, the cybercriminals behind this new scheme first create a YouTube channel where they post videos detailing a ‘clever’ way to get rich that they want to share with the rest of the crypto community.

In the video in question analyzed by Kaspersky’s security researchers, its creators claim they’ve discovered a bug in one of the automated exchanges where one Bitcoin can be exchanged for 184 Ethereum despite the fact that the exchange rate on Binance is currently 18.4. As a result, those who take advantage of this error can get 10 times more money all because of a vanishing decimal point.

To build hype and draw users to their fake crypto exchanges, the cybercriminals pad the comments section of their videos with posts from bots thanking the video’s uploader for sharing this amazing insider knowledge. However, it doesn’t stop there, as they also go to other popular videos and leave comments about a bug on a popular crypto exchange along with a link to their own video. Here they use bots to ensure their comments don’t get lost among the others.

Dozens of fake cryptocurrency exchanges

Crypto investors who watch these videos and express interest in leveraging the bug themselves are provided with a link to a website that has this favorable exchange rate. However, this website is run by the cybercriminals behind the scheme.

When a user tries to sell their crypto on this fake website, they are shown a message saying that the rate is only good for 180 minutes. During the allotted time, victims are asked to transfer the Bitcoin they want to sell for Ethereum to a specific crypto wallet. If they do send Bitcoin, it goes to the cybercriminals behind the scheme who of course, don’t send back any Ethereum in return.

As Kaspersky points out, this website isn’t the only one as cybercriminals have created dozens of fake crypto exchanges and YouTube channels related to this “bug in an exchange rate” scheme.

Kaspersky security expert Mikhail Sytnik provided further insight on this scam in an email to Tom’s Guide, saying:

“Cryptocurrency is coping with difficult times because of a constant drop in exchange rates. Those who want to buy currency at the best price are frequently being targeted by fraudsters. Our recent investigation shows that today attackers resort to new, and more mainstream ways to reach their victims – even considering their YouTube preferences. We strongly recommend users check carefully the crypto resources they turn to and do not rely on random comments on YouTube.”

How to protect yourself from this crypto scam and others like it

A physical Bitcoin placed in a mousetrap as a lure.

(Image credit: Shutterstock/Vitalii Vodolazskyi)

In order to avoid falling victim to this and other crypto scams, Kaspersky recommends being wary if you’re offered something for free or see a deal that looks too good to be true. You should always ask yourself why someone else would want to share something so valuable with you for free.

Likewise, if anyone asks you to send crypto somewhere, you should do your research first and check where they’re going. If you're not confident that the recipient is legitimate, it’s always best to not take the risk no matter how great a deal may look.

Finally, you should have antivirus software or one of the best Android antivirus apps installed on all of the devices that you use to handle cryptocurrency. An antivirus can block malicious software on your devices as well as warn you before you visit any suspicious sites.

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.